Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.3

    MEDIUM
    CVE-2025-10676

    A weakness has been identified in fuyang_lipengjun platform 1.0. Affected is the function BrandController of the file /brand/queryAll. Executing manipulation can lead to improper authorization. The attack can be executed remotely. The exploit has been mad... Read more

    Affected Products :
    • Published: Sep. 18, 2025
    • Modified: Sep. 19, 2025
    • Vuln Type: Authorization

  • 0.0

    NA
    CVE-2023-53430

    In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: dma: fix memory leak running mt76_dma_tx_cleanup Fix device unregister memory leak and alway cleanup all configured rx queues in mt76_dma_tx_cleanup routine.... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2025
    • Modified: Sep. 19, 2025
    • Vuln Type: Memory Corruption

  • 6.4

    MEDIUM
    CVE-2025-6198

    There is a vulnerability in the Supermicro BMC firmware validation logic at Supermicro MBD-X13SEM-F . An attacker can update the system firmware with a specially crafted image.... Read more

    Affected Products :
    • Published: Sep. 19, 2025
    • Modified: Sep. 19, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2023-53437

    In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Handle cameras with invalid descriptors If the source entity does not contain any pads, do not create a link.... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2025
    • Modified: Sep. 19, 2025

  • 10.0

    CRITICAL
    CVE-2025-10035

    A deserialization vulnerability in the License Servlet of Fortra's GoAnywhere MFT allows an actor with a validly forged license response signature to deserialize an arbitrary actor-controlled object, possibly leading to command injection.... Read more

    Affected Products : goanywhere_managed_file_transfer
    • Published: Sep. 18, 2025
    • Modified: Sep. 19, 2025
    • Vuln Type: Injection

  • 0.0

    NA
    CVE-2023-53439

    In the Linux kernel, the following vulnerability has been resolved: net: skb_partial_csum_set() fix against transport header magic value skb->transport_header uses the special 0xFFFF value to mark if the transport header was set or not. We must prevent... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2025
    • Modified: Sep. 19, 2025
    • Vuln Type: Misconfiguration

  • 7.0

    HIGH
    CVE-2025-59215

    Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.... Read more

    Affected Products : windows_11_24h2 windows_server_2025
    • Published: Sep. 18, 2025
    • Modified: Sep. 19, 2025

  • 6.6

    MEDIUM
    CVE-2025-7937

    There is a vulnerability in the Supermicro BMC firmware validation logic at Supermicro MBD-X12STW . An attacker can update the system firmware with a specially crafted image.... Read more

    Affected Products :
    • Published: Sep. 19, 2025
    • Modified: Sep. 19, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2023-53444

    In the Linux kernel, the following vulnerability has been resolved: drm/ttm: fix bulk_move corruption when adding a entry When the resource is the first in the bulk_move range, adding it again (thus moving it to the tail) will corrupt the list since the... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2025
    • Modified: Sep. 19, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53429

    In the Linux kernel, the following vulnerability has been resolved: btrfs: don't check PageError in __extent_writepage __extent_writepage currenly sets PageError whenever any error happens, and the also checks for PageError to decide if to call error ha... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2025
    • Modified: Sep. 19, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53424

    In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: fix of_iomap memory leak Smatch reports: drivers/clk/mediatek/clk-mtk.c:583 mtk_clk_simple_probe() warn: 'base' from of_iomap() not released on lines: 496. This prob... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2025
    • Modified: Sep. 19, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53423

    In the Linux kernel, the following vulnerability has been resolved: objtool: Fix memory leak in create_static_call_sections() strdup() allocates memory for key_name. We need to release the memory in the following error paths. Add free() to avoid memory ... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2025
    • Modified: Sep. 19, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-50418

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: mhi: fix potential memory leak in ath11k_mhi_register() mhi_alloc_controller() allocates a memory space for mhi_ctrl. When gets some error, mhi_ctrl should be freed with m... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2025
    • Modified: Sep. 19, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-50417

    In the Linux kernel, the following vulnerability has been resolved: drm/panfrost: Fix GEM handle creation ref-counting panfrost_gem_create_with_handle() previously returned a BO but with the only reference being from the handle, which user space could i... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2025
    • Modified: Sep. 19, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53432

    In the Linux kernel, the following vulnerability has been resolved: firewire: net: fix use after free in fwnet_finish_incoming_packet() The netif_rx() function frees the skb so we can't dereference it to save the skb->len.... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2025
    • Modified: Sep. 19, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-50416

    In the Linux kernel, the following vulnerability has been resolved: irqchip/wpcm450: Fix memory leak in wpcm450_aic_of_init() If of_iomap() failed, 'aic' should be freed before return. Otherwise there is a memory leak.... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2025
    • Modified: Sep. 19, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53399

    In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem() If share is , share->path is NULL and it cause NULL pointer dereference issue.... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2025
    • Modified: Sep. 19, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-50406

    In the Linux kernel, the following vulnerability has been resolved: iomap: iomap: fix memory corruption when recording errors during writeback Every now and then I see this crash on arm64: Unable to handle kernel NULL pointer dereference at virtual add... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2025
    • Modified: Sep. 19, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-50402

    In the Linux kernel, the following vulnerability has been resolved: drivers/md/md-bitmap: check the return value of md_bitmap_get_counter() Check the return value of md_bitmap_get_counter() in case it returns NULL pointer, which will result in a null po... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2025
    • Modified: Sep. 19, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-50413

    In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix use-after-free We've already freed the assoc_data at this point, so need to use another copy of the AP (MLD) address instead.... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2025
    • Modified: Sep. 19, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 4405 Results